INFILTRATION. SABOTAGE. MAYHEM. FOR YEARS FOUR-STAR
GENERAL KEITH ALEXANDER HAS BEEN BUILDING A SECRET ARMY CAPABLE OF
LAUNCHING DEVASTATING CYBERATTACKS. NOW IT’S READY TO UNLEASH HELL.

Inside Fort Meade, Maryland, a top-secret city bustles. Tens of
thousands of people move through more than 50 buildings - the city has
its own post office, fire department, and police force. But as if
designed by Kafka, it sits among a forest of trees, surrounded by
electrified fences and heavily armed guards, protected by antitank
barriers, monitored by sensitive motion detectors, and watched by
rotating cameras. To block any telltale electromagnetic signals from
escaping, the inner walls of the buildings are wrapped in protective
copper shielding and the one-way windows are embedded with a fine copper
mesh.

This is the undisputed domain of General Keith
Alexander, a man few even in Washington would likely recognize. Never
before has anyone in America's intelligence sphere come close to his
degree of power, the number of people under his command, the expanse of
his rule, the length of his reign, or the depth of his secrecy. A
four-star Army general, his authority extends across three domains: He
is director of the world's largest intelligence service, the National
Security Agency; chief of the Central Security Service; and commander of
the US Cyber Command. As such, he has his own secret military, presiding
over the Navy's 10th Fleet, the 24th Air Force, and the Second Army.

Alexander runs the nation's cyberwar efforts, an
empire he has built over the past eight years by insisting that the US's
inherent vulnerability to digital attacks requires him to amass more and
more authority over the data zipping around the globe. In his telling,
the threat is so mind-bogglingly huge that the nation has little option
but to eventually put the entire civilian Internet under his protection,
requiring tweets and emails to pass through his filters, and putting the
kill switch under the government's forefinger. "What we see is an
increasing level of activity on the networks," he said at a recent
security conference in Canada. "I am concerned that this is going to
break a threshold where the private sector can no longer handle it and
the government is going to have to step in."

In its tightly controlled public relations, the NSA
has focused attention on the threat of cyberattack against the US - the
vulnerability of critical infrastructure like power plants and water
systems, the susceptibility of the military's command and control
structure, the dependence of the economy on the Internet's smooth
functioning. Defense against these threats was the paramount mission
trumpeted by NSA brass at congressional hearings and hashed over at
security conferences.

But there is a flip side to this equation that is
rarely mentioned: The military has for years been developing offensive
capabilities, giving it the power not just to defend the US but to
assail its foes. Using so-called cyber-kinetic attacks, Alexander and
his forces now have the capability to physically destroy an adversary's
equipment and infrastructure, and potentially even to kill. Alexander -
who declined to be interviewed for this article - has concluded that
such cyberweapons are as crucial to 21st-century warfare as nuclear arms
were in the 20th.

And he and his cyberwarriors have already launched
their first attack. The cyberweapon that came to be known as Stuxnet was
created and built by the NSA in partnership with the CIA and Israeli
intelligence in the mid-2000s. The first known piece of malware designed
to destroy physical equipment, Stuxnet was aimed at Iran's nuclear
facility in Natanz. By surreptitiously taking control of an industrial
control link known as a Scada (Supervisory Control and Data Acquisition)
system, the sophisticated worm was able to damage about a thousand
centrifuges used to enrich nuclear material.

The success of this sabotage came to light only in
June 2010, when the malware spread to outside computers. It was spotted
by independent security researchers, who identified telltale signs that
the worm was the work of thousands of hours of professional development.
Despite headlines around the globe, officials in Washington have never
openly acknowledged that the US was behind the attack. It wasn't until
2012 that anonymous sources within the Obama administration took credit
for it in interviews with The New York Times.

But Stuxnet is only the beginning. Alexander's agency
has recruited thousands of computer experts, hackers, and engineering
PhDs to expand US offensive capabilities in the digital realm. The
Pentagon has requested $4.7 billion for "cyberspace operations," even as
the budget of the CIA and other intelligence agencies could fall by $4.4
billion. It is pouring millions into cyberdefense contractors. And more
attacks may be planned.

Inside the government, the general is regarded with a
mixture of respect and fear, not unlike J. Edgar Hoover, another
security figure whose tenure spanned multiple presidencies. "We jokingly
referred to him as Emperor Alexander - with good cause, because whatever
Keith wants, Keith gets," says one former senior CIA official who agreed
to speak on condition of anonymity. "We would sit back literally in awe
of what he was able to get from Congress, from the White House, and at
the expense of everybody else."

Now 61, Alexander has said he plans to retire in 2014;
when he does step down he will leave behind an enduring legacy - a
position of far-reaching authority and potentially Strangelovian powers
at a time when the distinction between cyberwarfare and conventional
warfare is beginning to blur. A recent Pentagon report made that point
in dramatic terms. It recommended possible deterrents to a cyberattack
on the US. Among the options: launching nuclear weapons.

He may be a four-star Army general, but Alexander more
closely resembles a head librarian than George Patton. His face is
anemic, his lips a neutral horizontal line. Bald halfway back, he has
hair the color of strong tea that turns gray on the sides, where it is
cut close to the skin, more schoolboy than boot camp. For a time he wore
large rimless glasses that seemed to swallow his eyes. Some combat types
had a derisive nickname for him: Alexander the Geek.

Born in 1951, the third of five children, Alexander
was raised in the small upstate New York hamlet of Onondaga Hill, a
suburb of Syracuse. He tossed papers for the Syracuse Post-Standard and
ran track at Westhill High School while his father, a former Marine
private, was involved in local Republican politics. It was 1970, Richard
Nixon was president, and most of the country had by then begun to see
the war in Vietnam as a disaster. But Alexander had been accepted at
West Point, joining a class that included two other future four-star
generals, David Petraeus and Martin Dempsey. Alexander would never get
the chance to serve in Vietnam. Just as he stepped off the bus at West
Point, the ground war finally began winding down.

In April 1974, just before graduation, he married his
high school classmate Deborah Lynn Douglas, who grew up two doors away
in Onondaga Hill. The fighting in Vietnam was over, but the Cold War was
still bubbling, and Alexander focused his career on the solitary,
rarefied world of signals intelligence, bouncing from secret NSA base to
secret NSA base, mostly in the US and Germany. He proved a competent
administrator, carrying out assignments and adapting to the rapidly
changing high tech environment. Along the way he picked up masters
degrees in electronic warfare, physics, national security strategy, and
business administration. As a result, he quickly rose up the military
intelligence ranks, where expertise in advanced technology was at a
premium.

In 2001, Alexander was a one-star general in charge of
the Army Intelligence and Security Command, the military's worldwide
network of 10,700 spies and eavesdroppers. In March of that year he told
his hometown Syracuse newspaper that his job was to discover threats to
the country. "We have to stay out in front of our adversary," Alexander
said. "It's a chess game, and you don't want to lose this one." But just
six months later, Alexander and the rest of the American intelligence
community suffered a devastating defeat when they were surprised by the
attacks on 9/11. Following the assault, he ordered his Army intercept
operators to begin illegally monitoring the phone calls and email of
American citizens who had nothing to do with terrorism, including
intimate calls between journalists and their spouses. Congress later
gave retroactive immunity to the telecoms that assisted the government.

In 2003 Alexander, a favorite of defense secretary
Donald Rumsfeld, was named the Army's deputy chief of staff for
intelligence, the service's most senior intelligence position. Among the
units under his command were the military intelligence teams involved in
the human rights abuses at Baghdad's Abu Ghraib prison. Two years later,
Rumsfeld appointed Alexander - now a three-star general - director of
the NSA, where he oversaw the illegal, warrantless wiretapping program
while deceiving members of the House Intelligence Committee. In a
publicly released letter to Alexander shortly after The New York Times
exposed the program, US representative Rush Holt, a member of the
committee, angrily took him to task for not being forthcoming about the
wiretapping: "Your responses make a mockery of congressional oversight."

Alexander also proved to be militant about secrecy. In
2005 a senior agency employee named Thomas Drake allegedly gave
information to The Baltimore Sun showing that a publicly discussed
program known as Trailblazer was millions of dollars overbudget, behind
schedule, possibly illegal, and a serious threat to privacy. In
response, federal prosecutors charged Drake with 10 felony counts,
including retaining classified documents and making false statements. He
faced up to 35 years in prison - despite the fact that all of the
information Drake was alleged to have leaked was not only unclassified
and already in the public domain but in fact had been placed there by
NSA and Pentagon officials themselves. (As a longtime chronicler of the
NSA, I served as a consultant for Drake's defense team. The
investigation went on for four years, after which Drake received no jail
time or fine. The judge, Richard D. Bennett, excoriated the prosecutor
and NSA officials for dragging their feet. "I find that unconscionable.
Unconscionable," he said during a hearing in 2011. "That's four years of
hell that a citizen goes through. It was not proper. It doesn't pass the
smell test.")

But while the powers that be were pressing for Drake's
imprisonment, a much more serious challenge was emerging. Stuxnet, the
cyberweapon used to attack the Iranian facility in Natanz, was supposed
to be untraceable, leaving no return address should the Iranians
discover it. Citing anonymous Obama administration officials, The New
York Times reported that the malware began replicating itself and
migrating to computers in other countries. Cyber­security detectives
were thus able to detect and analyze it. By the summer of 2010 some were
pointing fingers at the US.

Natanz is a small, dusty town in central Iran known
for its plump pears and the burial vault of the 13th-century Sufi sheikh
Abd al-Samad. The Natanz nuclear enrichment plant is a vault of a
different kind. Tucked in the shadows of the Karkas Mountains, most of
it lies deep underground and surrounded by concrete walls 8 feet thick,
with another layer of concrete for added security. Its bulbous concrete
roof rests beneath more than 70 feet of packed earth. Contained within
the bombproof structure are halls the size of soccer pitches, designed
to hold thousands of tall, narrow centrifuges. The machines are linked
in long cascades that look like tacky decorations from a '70s
discotheque.

To work properly, the centrifuges need strong,
lightweight, well-balanced rotors and high-speed bearings. Spin these
rotors too slowly and the critical U-235 molecules inside fail to
separate; spin them too quickly and the machines self-destruct and may
even explode. The operation is so delicate that the computers
controlling the rotors' movement are isolated from the Internet by a
so-called air gap that prevents exposure to viruses and other malware.

In 2006, the Department of Defense gave the go-ahead
to the NSA to begin work on targeting these centrifuges, according to
The New York Times. One of the first steps was to build a map of the
Iranian nuclear facility's computer networks. A group of hackers known
as Tailored Access Operations - a highly secret organization within the
NSA - took up the challenge.

They set about remotely penetrating communications
systems and networks, stealing passwords and data by the terabyte. Teams
of "vulnerability analysts" searched hundreds of computers and servers
for security holes, according to a former senior CIA official involved
in the Stuxnet program. Armed with that intelligence, so-called network
exploitation specialists then developed software implants known as
beacons, which worked like surveillance drones, mapping out a blueprint
of the network and then secretly communicating the data back to the NSA.
(Flame, the complex piece of surveillance malware discovered by Russian
cybersecurity experts last year, was likely one such beacon.) The
surveillance drones worked brilliantly. The NSA was able to extract data
about the Iranian networks, listen to and record conversations through
computer microphones, even reach into the mobile phones of anyone within
Bluetooth range of a compromised machine.

The next step was to create a digital warhead, a task
that fell to the CIA Clandestine Service's Counter-Proliferation
Division. According to the senior CIA official, much of this work was
outsourced to national labs, notably Sandia in Albuquerque, New Mexico.
So by the mid-2000s, the government had developed all the fundamental
technology it needed for an attack. But there was still a major problem:
The secretive agencies had to find a way to access Iran's most sensitive
and secure computers, the ones protected by the air gap. For that,
Alexander and his fellow spies would need outside help.

This is where things get murky. One possible bread
crumb trail leads to an Iranian electronics and computer wholesaler
named Ali Ashtari, who later confessed that he was recruited as a spy by
the Mossad, Israel's intelligence service. (Israel denied the claim.)
Ashtari's principal customers were the procurement officers for some of
Iran's most sensitive organizations, including the intelligence service
and the nuclear enrichment plants. If new computers were needed or
routers or switches had to be replaced, Ashtari was the man to see,
according to reports from semi-official Iranian news agencies and an
account of Ashtari's trial published by the nonprofit Iran Human Rights
Voice.

He not only had access to some of Iran's most
sensitive locations, his company had become an electronics purchasing
agent for the intelligence, defense, and nuclear development
departments. This would have given Mossad enormous opportunities to
place worms, back doors, and other malware into the equipment in a wide
variety of facilities. Although the Iranians have never explicitly
acknowledged it, it stands to reason that this could have been one of
the ways Stuxnet got across the air gap.

But by then, Iran had established a new
counterintelligence agency dedicated to discovering nuclear spies.
Ashtari was likely on their radar because of the increased frequency of
his visits to various sensitive locations. He may have let down his
guard. "The majority of people we lose as sources - who get wrapped up
or executed or imprisoned - are usually those willing to accept more
risk than they should," says the senior CIA official involved with
Stuxnet. In 2006, according to Iran Human Rights Voice, Ashtari was
quietly arrested at a travel agency after returning from another trip
out of the country.

In June 2008 he was brought to trial in Branch 15 of
the Revolutionary Court, where he confessed, pleaded guilty to the
charges, expressed remorse for his actions, and was sentenced to death.
On the morning of November 17, in the courtyard of Tehran's Evin Prison,
a noose was placed around Ashtari's neck, and a crane hauled his
struggling body high into the air.

Ashtari may well have been one of the human assets
that allowed Stuxnet to cross the air gap. But he was not Israel's only
alleged spy in Iran, and others may also have helped enable malware
transfer. "Normally," says the anonymous CIA official, "what we do is
look for multiple bridges, in case a guy gets wrapped up." Less then two
weeks after Ashtari's execution, the Iranian government arrested three
more men, charging them with spying for Israel. And on December 13,
2008, Ali-Akbar Siadat, another importer of electronic goods, was
arrested as a spy for the Mossad, according to Iran's official Islamic
Republic News Agency. Unlike Ashtari, who said he had operated alone,
Siadat was accused of heading a nationwide spy network employing
numerous Iranian agents. But despite their energetic counterintelligence
work, the Iranians would not realize for another year and a half that a
cyberweapon was targeting their nuclear centrifuges. Once they did, it
was only a matter of time until they responded.

Sure enough, in August 2012 a devastating virus was
unleashed on Saudi Aramco, the giant Saudi state-owned energy company.
The malware infected 30,000 computers, erasing three-quarters of the
company's stored data, destroying everything from documents to email to
spreadsheets and leaving in their place an image of a burning American
flag, according to The New York Times. Just days later, another large
cyberattack hit RasGas, the giant Qatari natural gas company. Then a
series of denial-of-service attacks took America's largest financial
institutions offline. Experts blamed all of this activity on Iran, which
had created its own cyber command in the wake of the US-led attacks.
James Clapper, US director of national intelligence, for the first time
declared cyberthreats the greatest danger facing the nation, bumping
terrorism down to second place. In May, the Department of Homeland
Security's Industrial Control Systems Cyber Emergency Response Team
issued a vague warning that US energy and infrastructure companies
should be on the alert for cyberattacks. It was widely reported that
this warning came in response to Iranian cyberprobes of industrial
control systems. An Iranian diplomat denied any involvement.

The cat-and-mouse game could escalate. "It's a
trajectory," says James Lewis, a cyber­security expert at the Center for
Strategic and International Studies. "The general consensus is that a
cyber response alone is pretty worthless. And nobody wants a real war."
Under international law, Iran may have the right to self-defense when
hit with destructive cyberattacks. William Lynn, deputy secretary of
defense, laid claim to the prerogative of self-defense when he outlined
the Pentagon's cyber operations strategy. "The United States reserves
the right," he said, "under the laws of armed conflict, to respond to
serious cyberattacks with a proportional and justified military response
at the time and place of our choosing." Leon Panetta, the former CIA
chief who had helped launch the Stuxnet offensive, would later point to
Iran's retaliation as a troubling harbinger. "The collective result of
these kinds of attacks could be a cyber Pearl Harbor," he warned in
October 2012, toward the end of his tenure as defense secretary, "an
attack that would cause physical destruction and the loss of life." If
Stuxnet was the proof of concept, it also proved that one successful
cyberattack begets another. For Alexander, this offered the perfect
justification for expanding his empire.

In May 2010, a little more than a year after President
Obama took office and only weeks before Stuxnet became public, a new
organization to exercise American rule over the increasingly militarized
Internet became operational: the US Cyber Command. Keith Alexander,
newly promoted to four-star general, was put in charge of it. The forces
under his command were now truly formidable - his untold thousands of
NSA spies, as well as 14,000 incoming Cyber Command personnel, including
Navy, Army, and Air Force troops. Helping Alexander organize and
dominate this new arena would be his fellow plebes from West Point's
class of 1974: David Petraeus, the CIA director; and Martin Dempsey,
chair of the Joint Chiefs of Staff.

Indeed, dominance has long been their watchword.
Alexander's Navy calls itself the Information Dominance Corps. In 2007,
the then secretary of the Air Force pledged to "dominate cyberspace"
just as "today, we dominate air and space." And Alexander's Army warned,
"It is in cyberspace that we must use our strategic vision to dominate
the information environment." The Army is reportedly treating digital
weapons as another form of offensive capability, providing frontline
troops with the option of requesting "cyber fire support" from Cyber
Command in the same way they request air and artillery support.

All these capabilities require a giant expansion of
secret facilities. Thousands of hard-hatted construction workers will
soon begin erecting cranes, driving backhoes, and emptying cement trucks
as they expand the boundaries of NSA's secret city eastward, increasing
its already enormous size by a third. "You could tell that some of the
seniors at NSA were truly concerned that cyber was going to engulf
them," says a former senior Cyber Command official, "and I think
rightfully so."

In May, work began on a $3.2 billion facility housed
at Fort Meade in Maryland. Known as Site M, the 227-acre complex
includes its own 150-megawatt power substation, 14 administrative
buildings, 10 parking garages, and chiller and boiler plants. The server
building will have 90,000 square feet of raised floor - handy for
supercomputers - yet hold only 50 people. Meanwhile, the
531,000-square-foot operations center will house more than 1,300 people.
In all, the buildings will have a footprint of 1.8 million square feet.
Even more ambitious plans, known as Phase II and III, are on the drawing
board. Stretching over the next 16 years, they would quadruple the
footprint to 5.8 million square feet, enough for nearly 60 buildings and
40 parking garages, costing $5.2 billion and accommodating 11,000 more
cyberwarriors.

In short, despite the sequestration, layoffs, and
furloughs in the federal government, it's a boom time for Alexander. In
April, as part of its 2014 budget request, the Pentagon asked Congress
for $4.7 billion for increased "cyberspace operations," nearly $1
billion more than the 2013 allocation. At the same time, budgets for the
CIA and other intelligence agencies were cut by almost the same amount,
$4.4 billion. A portion of the money going to Alexander will be used to
create 13 cyberattack teams.

What's good for Alexander is good for the fortunes of
the cyber-industrial complex, a burgeoning sector made up of many of the
same defense contractors who grew rich supplying the wars in Iraq and
Afghanistan. With those conflicts now mostly in the rearview mirror,
they are looking to Alexander as a kind of savior. After all, the US
spends about $30 billion annually on cybersecurity goods and services.

In the past few years, the contractors have embarked
on their own cyber building binge parallel to the construction boom at
Fort Meade: General Dynamics opened a 28,000-square-foot facility near
the NSA; SAIC cut the ribbon on its new seven-story Cyber Innovation
Center; the giant CSC unveiled its Virtual Cyber Security Center. And at
consulting firm Booz Allen Hamilton, where former NSA director Mike
McConnell was hired to lead the cyber effort, the company announced a
"cyber-solutions network" that linked together nine cyber-focused
facilities. Not to be outdone, Boeing built a new Cyber Engagement
Center. Leaving nothing to chance, it also hired retired Army major
general Barbara Fast, an old friend of Alexander's, to run the
operation. (She has since moved on.)

Defense contractors have been eager to prove that they
understand Alexander's worldview. "Our Raytheon cyberwarriors play
offense and defense," says one help-wanted site. Consulting and
engineering firms such as Invertix and Parsons are among dozens posting
online want ads for "computer network exploitation specialists." And
many other companies, some unidentified, are seeking computer and
network attackers. "Firm is seeking computer network attack specialists
for long-term government contract in King George County, VA," one recent
ad read. Another, from Sunera, a Tampa, Florida, company, said it was
hunting for "attack and penetration consultants."

One of the most secretive of these contractors is
Endgame Systems, a startup backed by VCs including Kleiner Perkins
Caufield & Byers, Bessemer Venture Partners, and Paladin Capital Group.
Established in Atlanta in 2008, Endgame is transparently antitransparent.
"We've been very careful not to have a public face on our company,"
former vice president John M. Farrell wrote to a business associate in
an email that appeared in a WikiLeaks dump. "We don't ever want to see
our name in a press release," added founder Christopher Rouland. True to
form, the company declined wired's interview requests.

Perhaps for good reason: According to news reports,
Endgame is developing ways to break into Internet-connected devices
through chinks in their antivirus armor. Like safecrackers listening to
the click of tumblers through a stethoscope, the "vulnerability
researchers" use an extensive array of digital tools to search for
hidden weaknesses in commonly used programs and systems, such as Windows
and Internet Explorer. And since no one else has ever discovered these
unseen cracks, the manufacturers have never developed patches for them.

Thus, in the parlance of the trade, these
vulnerabilities are known as "zero-day exploits," because it has been
zero days since they have been uncovered and fixed. They are the
Achilles' heel of the security business, says a former senior
intelligence official involved with cyberwarfare. Those seeking to break
into networks and computers are willing to pay millions of dollars to
obtain them.

According to Defense News' C4ISR Journal and Bloomberg
Businessweek, Endgame also offers its intelligence clients - agencies
like Cyber Command, the NSA, the CIA, and British intelligence - a
unique map showing them exactly where their targets are located. Dubbed
Bonesaw, the map displays the geolocation and digital address of
basically every device connected to the Internet around the world,
providing what's called network situational awareness. The client
locates a region on the password-protected web-based map, then picks a
country and city - say, Beijing, China. Next the client types in the
name of the target organization, such as the Ministry of Public
Security's No. 3 Research Institute, which is responsible for computer
security - or simply enters its address, 6 Zhengyi Road. The map will
then display what software is running on the computers inside the
facility, what types of malware some may contain, and a menu of
custom-designed exploits that can be used to secretly gain entry. It can
also pinpoint those devices infected with malware, such as the Conficker
worm, as well as networks turned into botnets and zombies - the
equivalent of a back door left open.

Bonesaw also contains targeting data on US allies, and
it is soon to be upgraded with a new version codenamed Velocity,
according to C4ISR Journal. It will allow Endgame's clients to observe
in real time as hardware and software connected to the Internet around
the world is added, removed, or changed. But such access doesn't come
cheap. One leaked report indicated that annual subscriptions could run
as high as $2.5 million for 25 zero-day exploits.

The buying and using of such a subscription by
nation-states could be seen as an act of war. "If you are engaged in
reconnaissance on an adversary's systems, you are laying the electronic
battlefield and preparing to use it," wrote Mike Jacobs, a former NSA
director for information assurance, in a McAfee report on cyberwarfare.
"In my opinion, these activities constitute acts of war, or at least a
prelude to future acts of war." The question is, who else is on the
secretive company's client list? Because there is as of yet no oversight
or regulation of the cyberweapons trade, companies in the
cyber-industrial complex are free to sell to whomever they wish. "It
should be illegal," says the former senior intelligence official
involved in cyber­warfare. "I knew about Endgame when I was in
intelligence. The intelligence community didn't like it, but they're the
largest consumer of that business."

Thus, in their willingness to pay top dollar for more
and better zero-day exploits, the spy agencies are helping drive a
lucrative, dangerous, and unregulated cyber arms race, one that has
developed its own gray and black markets. The companies trading in this
arena can sell their wares to the highest bidder - be they frontmen for
criminal hacking groups or terrorist organizations or countries that
bankroll terrorists, such as Iran. Ironically, having helped create the
market in zero-day exploits and then having launched the world into the
era of cyberwar, Alexander now says the possibility of zero-day exploits
falling into the wrong hands is his "greatest worry."

He has reason to be concerned. In May, Alexander
discovered that four months earlier someone, or some group or nation,
had secretly hacked into a restricted US government database known as
the National Inventory of Dams. Maintained by the Army Corps of
Engineers, it lists the vulnerabilities for the nation's dams, including
an estimate of the number of people who might be killed should one of
them fail. Meanwhile, the 2013 "Report Card for America's
Infrastructure" gave the US a D on its maintenance of dams. There are
13,991 dams in the US that are classified as high-hazard, the report
said. A high-hazard dam is defined as one whose failure would cause loss
of life. "That's our concern about what's coming in cyberspace - a
destructive element. It is a question of time," Alexander said in a talk
to a group involved in information operations and cyberwarfare, noting
that estimates put the time frame of an attack within two to five years.
He made his comments in September 2011.